GCP, Monitoring, Web Beacons, CF, Duplicati, Tails, Hetzner, WiFi

  • Watched: Hybrid Connectivity -Reliably Extending Your Enterpise Network to GCP. Direct Peering, Dedicated Interconnect, Carrier Peering, Partner Interconnect - Nothing new or worth of mentioning, business as usual. I had earlier studied those options from their pages, but it's nice to see a video presentation. Interestingly all they talked about was IPv4, hmm. It's not time for IPv6 yet?
  • Watched: A Year in GCP Networking. Providing any cast addresses is quite nice feature.
  • Launched enhanced availability and responsiviness testing project for key services. Now all key services are monitored every 100 ms from multiple locations in Europe, with automated alerts to key persons. Earlier the monitoring interval was around 5 minutes, which was fine to detect outages and persistent high load. But it didn't catch short hiccups. Yet I've gotta say, that we didn't have too many hiccups, so it didn't matter.
  • Once again, extremely long talks with cloud server providers and colleagues. Often the sales guys to mislead the customers, over invoice and provide bad service. But that's not going to fly.
  • Web Beacon - Studied and played a little with web beacons. HTTP POST navigator.sendBeacon(url, data);
  • Keeping a changelog - Absolutely amazing post. There's so much software out there, which does not have any kind of changelog, and in many cases they don't even have commit logs. So you're getting something, which changes, breaks and does something. It's always interesting and random process, what will happen after the update, if anything does work at all. That's life. Having a proper changelog is absolutely great. Semantic versioning mentioned. I've been so often up in arms about versioning.
  • Cloudflare finally bought support for DNS record types - CERT, DNSKEY, DS, NAPTR, SMIMEA, SSHFP, TLSA and URI.
  • Cloudflare Nginx performance optimization - Great examples how complex optimization actually is, and how different reality is from academic / on paper truth.
  • Started testing Duplicati version 2.0.3.11_canary_2018-09-05. Which seems to be big update after a few months of silence, bringing many new much requested features and performance improvements. I also really loved the --retention-policy parameter, which is excellent for backups which are maintained for extended periods. Restore process still seems to max out disk IOPS and the total bandwidth seems really poor. I posted about this to Duplicati forum.
  • Tails: Does read-a-head and sorting of data improve or worsen performance? - Typical optimization problem. Could make some things and situations faster and others slower. Everything is a trade off. Just like the parallelism, in some cases it just makes performance significantly worse.
  • Tested Hetzner Cloud servers in Helsinki and Falkenstein. Perfect, great network, great disk I/O, only the CPU was bit weaker than with Scaleway's deals. But all of these options clearly beat OVH. Yet Windows license pricing is problematic with Hetzner, I mean if you need Windows. Their Helsinki Data Center located at Tuusula is also very well connected in Finland. Giving stark contrast to providers like Google which got extremely bad national connectivity in Finland.
  • Wi-Fi Gets More Secure: Everything You Need to Know About WPA3 - 802.11s - Simultaneous Authentication of Equals (SAE) which replaces Pre-Shared Key (PSK), fixes KRACK and adds forward secrecy, - Dragonfly handshake RFC7664, 192 bit encryption and optional 256 bit GCM for WPA3-Enterprise with ECDH & ECDSA, Easy Connect QR code based authentication, Enhanced Open using Opportunistic Wireless Encryption (OWE) RFC8110.

2020-01-19

k